Total
31847 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6385 | 1 Juniper | 1 Junos | 2025-04-12 | 6.1 MEDIUM | N/A |
| Juniper Junos 11.4 before 11.4R13, 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, 12.2 before 12.2R9, 12.3R7 before 12.3R7-S1, 12.3 before 12.3R8, 13.1 before 13.1R5, 13.2 before 13.2R6, 13.3 before 13.3R4, 14.1 before 14.1R2, and 14.2 before 14.2R1 allows remote attackers to cause a denial of service (kernel crash and restart) via a crafted fragmented OSPFv3 packet with an IPsec Authentication Header (AH). | |||||
| CVE-2016-3545 | 1 Oracle | 1 Application Object Library | 2025-04-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via vectors related to Web based help screens. | |||||
| CVE-2016-3324 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | 6.8 MEDIUM | 8.8 HIGH |
| Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | |||||
| CVE-2015-4896 | 2 Debian, Oracle | 2 Debian Linux, Vm Virtualbox | 2025-04-12 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.0.34, 4.1.42, 4.2.34, 4.3.32, and 5.0.8, when a VM has the Remote Display feature (RDP) enabled, allows remote attackers to affect availability via unknown vectors related to Core. | |||||
| CVE-2016-5539 | 1 Oracle | 1 Micros Xstore Payment | 2025-04-12 | 4.6 MEDIUM | 7.3 HIGH |
| Unspecified vulnerability in the Oracle Retail Xstore Payment component in Oracle Retail Applications 1.x allows local users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2016-0623 | 1 Oracle | 1 Solaris | 2025-04-12 | 4.3 MEDIUM | 4.7 MEDIUM |
| Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect integrity via vectors related to the Automated Installer sub-component. | |||||
| CVE-2014-7898 | 2 Hp, Microsoft | 2 Ole Point Of Sale Driver, Windows | 2025-04-12 | 10.0 HIGH | N/A |
| The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2014-7893 | 1 Hp | 6 Hybrid Pos Printer With Micr Us Fk184aa, Ole Point Of Sale Driver, Pusb Thermal Receipt Printer F7m67aa and 3 more | 2025-04-12 | 10.0 HIGH | N/A |
| The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSCheckScanner.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS printers with MICR, Value PUSB Receipt printers, and Value Serial/USB Receipt printers, aka ZDI-CAN-2507. | |||||
| CVE-2016-1809 | 1 Apple | 1 Mac Os X | 2025-04-12 | 7.8 HIGH | 7.5 HIGH |
| Disk Utility in Apple OS X before 10.11.5 uses incorrect encryption keys for disk images, which has unspecified impact and attack vectors. | |||||
| CVE-2014-0040 | 1 Redhat | 1 Openstack | 2025-04-12 | 4.3 MEDIUM | N/A |
| OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, uses an HTTP connection to download (1) packages and (2) signing keys from Yum repositories, which allows man-in-the-middle attackers to prevent updates via unspecified vectors. | |||||
| CVE-2016-3570 | 1 Oracle | 1 Primavera P6 Enterprise Project Portfolio Management | 2025-04-12 | 5.8 MEDIUM | 6.1 MEDIUM |
| Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.3, 8.4, 15.1, 15.2, and 16.1 allows remote attackers to affect confidentiality and integrity via vectors related to Web access, a different vulnerability than CVE-2016-3566, CVE-2016-3568, CVE-2016-3569, CVE-2016-3571, and CVE-2016-3573. | |||||
| CVE-2016-0436 | 1 Oracle | 1 Retail Applications | 2025-04-12 | 1.9 LOW | N/A |
| Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0434, CVE-2016-0437, and CVE-2016-0438. | |||||
| CVE-2014-7254 | 1 Fujitsu | 1 Arrows Me F-11d | 2025-04-12 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in ARROWS Me F-11D allows physically proximate attackers to read or modify flash memory via unknown vectors. | |||||
| CVE-2016-4387 | 1 Hp | 1 Keyview | 2025-04-12 | 6.8 MEDIUM | 8.1 HIGH |
| The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4388, CVE-2016-4389, and CVE-2016-4390. | |||||
| CVE-2016-0478 | 1 Oracle | 1 Application Testing Suite | 2025-04-12 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Load Testing for Web Apps, a different vulnerability than CVE-2016-0476 and CVE-2016-0477. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a directory traversal vulnerability in the DownloadServlet servlet, which allows remote attackers to read arbitrary files via directory traversal sequences in the scriptName parameter. | |||||
| CVE-2016-4821 | 1 Iodata | 2 Etx-r, Etx-r Firmware | 2025-04-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| I-O DATA DEVICE ETX-R devices allow remote attackers to cause a denial of service (web-server crash) via unspecified vectors. | |||||
| CVE-2014-6352 | 1 Microsoft | 8 Windows 7, Windows 8, Windows 8.1 and 5 more | 2025-04-12 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted PowerPoint document. | |||||
| CVE-2015-2652 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Web Management. | |||||
| CVE-2016-6174 | 2 Invisioncommunity, Php | 2 Invision Power Board, Php | 2025-04-12 | 6.8 MEDIUM | 8.1 HIGH |
| applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.5.x before 5.5.8, allows remote attackers to execute arbitrary code via the content_class parameter. | |||||
| CVE-2015-0487 | 1 Oracle | 1 Peoplesoft Products | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 and 8.54 allows remote authenticated users to affect integrity via vectors related to PIA Core Technology, a different vulnerability than CVE-2015-0472. | |||||